12 Easy Steps for Boosting Your Organizational Protection Against Malware
- Install an antivirus program and ensure that it is always up to date.
- Install a firewall – either hardware or software – to deny access to your network/computer from locations outside of your gateway. Most operating systems offer a built-in software firewall; ensure that it’s turned on and stays on.
- Keep everything updated. Make sure that your entire computing environment is fully patched:
• Operating system
• Applications such as Adobe Acrobat and Reader
• Browser plugins such as Adobe Flash, etc.
• Other applications that access the web
Most applications can periodically check for updates automatically; ensure that this feature is enabled.
- Use a Non-Admin Account. If you normally run your Windows machine with an account that has administrative privileges, it also means that malicious activity on your session can use those same privileges – letting an attacker do anything they want to your system. Therefore, it is strongly recommended to create an account that does not have admin privileges enabled, and use that for day-to-day operations.
- Use passphrases, not passwords. In other words, don’t use just alphabetic characters. Use a combination of upper and lower case characters, numbers, and special symbols. Take a look at how long it would take for a single desktop PC to crack different kinds of passwords:
| Password Contents | Length=8 | Length=10 |
|---|---|---|
| Lower case characters | 13 minutes | 6 days |
| Lower and upper case characters | 2 days | 18 years |
| Lower and upper case characters | 10 days | 106 years |
| All of the above plus special symbols | 57 days | 928 years |
Password Padding – Many people use their favorite pet’s name as a password – that’s a terrible idea! However, by padding that name with easily-remembered numbers and symbols, the password can be transformed to become extremely hard to crack. Let’s start with the name “Sophie” (upper case S, lower case “ophie”) and build on that:
| Password | Time to Crack |
|---|---|
| Sophie | Less than one second |
| Sophie*1 | 57 days |
| -Sophie*1- | 928 years |
| --Sophie*1-- | Five million years |
| ---Sophie*1--- | 32 billion years |
You can see that by padding a name with easily remembered numbers and repeated special characters, the password’s strength can be improved tremendously.
- Stop and think before you click on links or open attachments in emails. Don’t open suspicious email attachments directly – save them and then have your antivirus tool scan them. Don’t click on links in emails requesting your personal details. Always sign out when you’ve finished reading your email. You should treat all emails as suspicious – even an email from a friend may be infected.
- Turn off/Rename/Password protect the Guest account if your operating system comes with one, as is the case with most versions of Windows.
- Turn off auto-play and auto-run. These are off by default in more recent versions of Windows, but you should still check to verify that they’re still disabled.
- Disable “File Sharing”
- Secure your wireless network. If you are using a wireless router/modem, change the default administrator password to something robust as discussed above. Use WPA or WPA2 encryption – WEP is an older standard and is no longer considered secure. Also, disable the router’s ability to be administrated from its WAN side. Refer to your router/modem manual for further details.
- Take care with shortened URLs. URL Shortening services such as bit.ly and TinyURL can mask the actual destination site, with the result being that your browser could be directed to a malicious site without you knowing it until it’s too late. Some URL shortener services allow you to preview the actual URL before going there – avoid using services that do not support this.
- Watch for odd file extensions such as those in “help.txt.vb” and “mother.jpg.exe”. While .txt and .jpg are usually benign extensions, your system will usually only recognize the last extension – .vb or .exe – which will then run and potentially infect your system.
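To make the last step checkable, here is a small filter for the double-extension trick, for example over a downloads folder or a mail gateway's attachment names. It is an added example, not part of the original article; the two extension sets are assumptions and are not exhaustive.

```python
from pathlib import PurePath

# Assumed, non-exhaustive sets for illustration; tune them for your environment.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".js",
                   ".vb", ".vbs", ".vbe", ".wsf", ".hta", ".ps1", ".lnk"}
DECOY_EXTS = {".txt", ".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc",
              ".docx", ".xls", ".xlsx", ".mp3", ".mp4", ".zip"}


def deceptive_extension(filename):
    """Return (decoy_ext, real_ext) if the name hides an executable
    extension behind a benign-looking one, otherwise None."""
    # Win32 path handling strips trailing dots and spaces from names,
    # so remove them before looking at the extension.
    name = PurePath(filename.replace("\\", "/")).name.rstrip(". ").lower()
    parts = name.split(".")
    if len(parts) < 3:          # need base + decoy + real extension
        return None
    # Strip whitespace padding used to push the real extension out of view,
    # e.g. "invoice.pdf          .exe".
    real = "." + parts[-1].strip()
    decoy = "." + parts[-2].strip()
    if real in EXECUTABLE_EXTS and decoy in DECOY_EXTS:
        return decoy, real
    return None


def scan(filenames):
    """Map each flagged filename to its (decoy, real) extension pair."""
    hits = {}
    for f in filenames:
        result = deceptive_extension(f)
        if result:
            hits[f] = result
    return hits


# Constructed sample names; the first two are the examples quoted in the text.
SAMPLES = ["help.txt.vb", "mother.jpg.exe", "Invoice.PDF      .exe",
           "report.final.docx", "archive.tar.gz", "setup.exe",
           r"C:\Users\a\Downloads\photo.jpg.scr. "]

if __name__ == "__main__":
    for name, (decoy, real) in scan(SAMPLES).items():
        print(f"{name!r}: shown as {decoy}, runs as {real}")
```

Legitimate multi-part names such as "archive.tar.gz" and plain installers such as "setup.exe" are not flagged; only a benign-looking extension followed by an executable one is.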